[thelist] Storing CC Information [was: Specific Ecommerce Requirements]
Hershel Robinson
hershel at galleryrobinson.com
Tue Oct 17 12:36:55 CDT 2006
>> But that's the answer--put in the MySQL DB. Many ecommerce packages
do this by anyway--even if they do place the charge automatically at
checkout time.
>
> And they shouldn't. You don't keep people's CC
> numbers any longer than is absolutely necessary
> (unless you want to comply with the processors'
> data security reqs [tip: you don't] and/or get
> ejected by your card company).
FWIW, this I received from a US lawyer:
<quote>
Since you are not sharing or selling credit card information, there are
no specific restrictions or regulations concerning the storage of credit
card information that I could find, other than any requirements imposed
by your bank or credit card processor, which would be contractual.
</quote>
Hershel
--
Web Site Construction by Gallery Robinson
http://galleryrobinson.com/
More information about the thelist
mailing list